LibreChat/api/cache/banViolation.js

const Session = require('../models/Session');
const getLogStores = require('./getLogStores');
const { isEnabled, math, removePorts } = require('../server/utils');
const { BAN_VIOLATIONS, BAN_INTERVAL } = process.env ?? {};
const interval = math(BAN_INTERVAL, 20);

/**
 * Bans a user based on violation criteria.
 *
 * If the user's violation count is a multiple of the BAN_INTERVAL, the user will be banned.
 * The duration of the ban is determined by the BAN_DURATION environment variable.
 * If BAN_DURATION is not set or invalid, the user will not be banned.
 * Sessions will be deleted and the refreshToken cookie will be cleared even with
 * an invalid or nill duration, which is a "soft" ban; the user can remain active until
 * access token expiry.
 *
 * @async
 * @param {Object} req - Express request object containing user information.
 * @param {Object} res - Express response object.
 * @param {Object} errorMessage - Object containing user violation details.
 * @param {string} errorMessage.type - Type of the violation.
 * @param {string} errorMessage.user_id - ID of the user who committed the violation.
 * @param {number} errorMessage.violation_count - Number of violations committed by the user.
 *
 * @returns {Promise<void>}
 *
 */
const banViolation = async (req, res, errorMessage) => {
  if (!isEnabled(BAN_VIOLATIONS)) {
    return;
  }

  if (!errorMessage) {
    return;
  }

  const { type, user_id, prev_count, violation_count } = errorMessage;

  const prevThreshold = Math.floor(prev_count / interval);
  const currentThreshold = Math.floor(violation_count / interval);

  if (prevThreshold >= currentThreshold) {
    return;
  }

  await Session.deleteAllUserSessions(user_id);
  res.clearCookie('refreshToken');

  const banLogs = getLogStores('ban');
  const duration = banLogs.opts.ttl;

  if (duration <= 0) {
    return;
  }

  req.ip = removePorts(req);
  console.log(`[BAN] Banning user ${user_id} @ ${req.ip} for ${duration / 1000 / 60} minutes`);
  const expiresAt = Date.now() + duration;
  await banLogs.set(user_id, { type, violation_count, duration, expiresAt });
  await banLogs.set(req.ip, { type, user_id, violation_count, duration, expiresAt });

  errorMessage.ban = true;
  errorMessage.ban_duration = duration;

  return;
};

module.exports = banViolation;
feat: Message Rate Limiters, Violation Logging, & Ban System 🔨 (#903) * refactor: require Auth middleware in route index files * feat: concurrent message limiter * feat: complete concurrent message limiter with caching * refactor: SSE response methods separated from handleText * fix(abortMiddleware): fix req and res order to standard, use endpointOption in req.body * chore: minor name changes * refactor: add isUUID condition to saveMessage * fix(concurrentLimiter): logic correctly handles the max number of concurrent messages and res closing/finalization * chore: bump keyv and remove console.log from Message * fix(concurrentLimiter): ensure messages are only saved in later message children * refactor(concurrentLimiter): use KeyvFile instead, could make other stores configurable in the future * feat: add denyRequest function for error responses * feat(utils): add isStringTruthy function Introduce the isStringTruthy function to the utilities module to check if a string value is a case-insensitive match for 'true' * feat: add optional message rate limiters by IP and userId * feat: add optional message rate limiters by IP and userId to edit route * refactor: rename isStringTruthy to isTrue for brevity * refactor(getError): use map to make code cleaner * refactor: use memory for concurrent rate limiter to prevent clearing on startup/exit, add multiple log files, fix error message for concurrent violation * feat: check if errorMessage is object, stringify if so * chore: send object to denyRequest which will stringify it * feat: log excessive requests * fix(getError): correctly pluralize messages * refactor(limiters): make type consistent between logs and errorMessage * refactor(cache): move files out of lib/db into separate cache dir >> feat: add getLogStores function so Keyv instance is not redundantly created on every violation feat: separate violation logging to own function with logViolation * fix: cache/index.js export, properly record userViolations * refactor(messageLimiters): use new logging method, add logging to registrations * refactor(logViolation): make userLogs an array of logs per user * feat: add logging to login limiter * refactor: pass req as first param to logViolation and record offending IP * refactor: rename isTrue helper fn to isEnabled * feat: add simple non_browser check and log violation * fix: open handles in unit tests, remove KeyvMongo as not used and properly mock global fetch * chore: adjust nodemon ignore paths to properly ignore logs * feat: add math helper function for safe use of eval * refactor(api/convos): use middleware at top of file to avoid redundancy * feat: add delete all static method for Sessions * fix: redirect to login on refresh if user is not found, or the session is not found but hasn't expired (ban case) * refactor(getLogStores): adjust return type * feat: add ban violation and check ban logic refactor(logViolation): pass both req and res objects * feat: add removePorts helper function * refactor: rename getError to getMessageError and add getLoginError for displaying different login errors * fix(AuthContext): fix type issue and remove unused code * refactor(bans): ban by ip and user id, send response based on origin * chore: add frontend ban messages * refactor(routes/oauth): add ban check to handler, also consolidate logic to avoid redundancy * feat: add ban check to AI messaging routes * feat: add ban check to login/registration * fix(ci/api): mock KeyvMongo to avoid tests hanging * docs: update .env.example > refactor(banViolation): calculate interval rate crossover, early return if duration is invalid ci(banViolation): add tests to ensure users are only banned when expected * docs: improve wording for mod system * feat: add configurable env variables for violation scores * chore: add jsdoc for uaParser.js * chore: improve ban text log * chore: update bun test scripts * refactor(math.js): add fallback values * fix(KeyvMongo/banLogs): refactor keyv instances to top of files to avoid memory leaks, refactor ban logic to use getLogStores instead refactor(getLogStores): get a single log store by type * fix(ci): refactor tests due to banLogs changes, also make sure to clear and revoke sessions even if ban duration is 0 * fix(banViolation.js): getLogStores import * feat: handle 500 code error at login * fix(middleware): handle case where user.id is _id and not just id * ci: add ban secrets for backend unit tests * refactor: logout user upon ban * chore: log session delete message only if deletedCount > 0 * refactor: change default ban duration (2h) and make logic more clear in JSDOC * fix: login and registration limiters will now return rate limiting error * fix: userId not parsable as non ObjectId string * feat: add useTimeout hook to properly clear timeouts when invoking functions within them refactor(AuthContext): cleanup code by using new hook and defining types in ~/common * fix: login error message for rate limits * docs: add info for automated mod system and rate limiters, update other docs accordingly * chore: bump data-provider version 2023-09-13 10:57:07 -04:00			`const Session = require('../models/Session');`
			`const getLogStores = require('./getLogStores');`
			`const { isEnabled, math, removePorts } = require('../server/utils');`
			`const { BAN_VIOLATIONS, BAN_INTERVAL } = process.env ?? {};`
			`const interval = math(BAN_INTERVAL, 20);`

			`/**`
			`* Bans a user based on violation criteria.`
			`*`
			`* If the user's violation count is a multiple of the BAN_INTERVAL, the user will be banned.`
			`* The duration of the ban is determined by the BAN_DURATION environment variable.`
			`* If BAN_DURATION is not set or invalid, the user will not be banned.`
			`* Sessions will be deleted and the refreshToken cookie will be cleared even with`
			`* an invalid or nill duration, which is a "soft" ban; the user can remain active until`
			`* access token expiry.`
			`*`
			`* @async`
			`* @param {Object} req - Express request object containing user information.`
			`* @param {Object} res - Express response object.`
			`* @param {Object} errorMessage - Object containing user violation details.`
			`* @param {string} errorMessage.type - Type of the violation.`
			`* @param {string} errorMessage.user_id - ID of the user who committed the violation.`
			`* @param {number} errorMessage.violation_count - Number of violations committed by the user.`
			`*`
			`* @returns {Promise<void>}`
			`*`
			`*/`
			`const banViolation = async (req, res, errorMessage) => {`
			`if (!isEnabled(BAN_VIOLATIONS)) {`
			`return;`
			`}`

			`if (!errorMessage) {`
			`return;`
			`}`

			`const { type, user_id, prev_count, violation_count } = errorMessage;`

			`const prevThreshold = Math.floor(prev_count / interval);`
			`const currentThreshold = Math.floor(violation_count / interval);`

			`if (prevThreshold >= currentThreshold) {`
			`return;`
			`}`

			`await Session.deleteAllUserSessions(user_id);`
			`res.clearCookie('refreshToken');`

			`const banLogs = getLogStores('ban');`
			`const duration = banLogs.opts.ttl;`

			`if (duration <= 0) {`
			`return;`
			`}`

			`req.ip = removePorts(req);`
			console.log(`[BAN] Banning user ${user_id} @ ${req.ip} for ${duration / 1000 / 60} minutes`);
			`const expiresAt = Date.now() + duration;`
			`await banLogs.set(user_id, { type, violation_count, duration, expiresAt });`
			`await banLogs.set(req.ip, { type, user_id, violation_count, duration, expiresAt });`

			`errorMessage.ban = true;`
			`errorMessage.ban_duration = duration;`

			`return;`
			`};`

			`module.exports = banViolation;`